mirror/postgresql
2
0
Fork 0
mirror of https://git.postgresql.org/git/postgresql.git synced 2024-12-21 08:29:39 +08:00
Code Issues Packages Projects Releases Wiki Activity

Clean up error message reported after \password encryption failure.

Browse Source 
Experimenting with FIPS mode enabled, I saw

regression=# \password joe
Enter new password for user "joe":
Enter it again:
could not encrypt password: disabled for FIPS
out of memory

because PQencryptPasswordConn was still of the opinion that "out of
memory" is always appropriate to print.

Minor oversight in b69aba745.  Like that one, back-patch to v14.
This commit is contained in:
Tom Lane 2022-01-11 12:03:06 -05:00
parent 790fbda902
commit 9cb5518b7f
1 changed files with 7 additions and 4 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

11
src/interfaces/libpq/fe-auth.c
View File

@ -1290,6 +1290,10 @@ PQencryptPasswordConn(PGconn *conn, const char *passwd, const char *user,
if (strcmp(algorithm, "scram-sha-256") == 0) if (strcmp(algorithm, "scram-sha-256") == 0)
{ {
crypt_pwd = pg_fe_scram_build_secret(passwd); crypt_pwd = pg_fe_scram_build_secret(passwd);
/* We assume the only possible failure is OOM */
if (!crypt_pwd)
appendPQExpBufferStr(&conn->errorMessage,
libpq_gettext("out of memory\n"));
} }
else if (strcmp(algorithm, "md5") == 0) else if (strcmp(algorithm, "md5") == 0)
{ {
@ -1307,6 +1311,9 @@ PQencryptPasswordConn(PGconn *conn, const char *passwd, const char *user,
crypt_pwd = NULL; crypt_pwd = NULL;
} }
} }
else
appendPQExpBufferStr(&conn->errorMessage,
libpq_gettext("out of memory\n"));
} }
else else
{ {
@ -1316,9 +1323,5 @@ PQencryptPasswordConn(PGconn *conn, const char *passwd, const char *user,
return NULL; return NULL;
} }
if (!crypt_pwd)
appendPQExpBufferStr(&conn->errorMessage,
libpq_gettext("out of memory\n"));
return crypt_pwd; return crypt_pwd;
} }